From 79fb98c0dd8a75e07e4cd781c09c45901c983a4a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 3 Oct 2019 23:34:24 +0000 Subject: [PATCH] fix: deps/npm/package.json & deps/npm/.snyk to reduce vulnerabilities The following vulnerabilities are fixed with a Snyk patch: - https://snyk.io/vuln/SNYK-JS-HTTPSPROXYAGENT-469131 --- deps/npm/.snyk | 8 ++++++++ deps/npm/package.json | 11 +++++++---- 2 files changed, 15 insertions(+), 4 deletions(-) create mode 100644 deps/npm/.snyk diff --git a/deps/npm/.snyk b/deps/npm/.snyk new file mode 100644 index 00000000000000..db624d2009dca7 --- /dev/null +++ b/deps/npm/.snyk @@ -0,0 +1,8 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.13.5 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-HTTPSPROXYAGENT-469131: + - pacote > make-fetch-happen > https-proxy-agent: + patched: '2019-10-03T23:34:22.554Z' diff --git a/deps/npm/package.json b/deps/npm/package.json index 5b0ab111e21282..a708e5e55e703e 100644 --- a/deps/npm/package.json +++ b/deps/npm/package.json @@ -119,7 +119,8 @@ "which": "~1.2.14", "worker-farm": "~1.4.1", "wrappy": "~1.0.2", - "write-file-atomic": "~2.1.0" + "write-file-atomic": "~2.1.0", + "snyk": "^1.230.5" }, "bundleDependencies": [ "abbrev", @@ -234,14 +235,16 @@ }, "scripts": { "dumpconf": "env | grep npm | sort | uniq", - "prepare": "node bin/npm-cli.js --no-timing prune --prefix=. --no-global && rimraf test/*/*/node_modules && make -j4 doc", + "prepare": "npm run snyk-protect && node bin/npm-cli.js --no-timing prune --prefix=. --no-global && rimraf test/*/*/node_modules && make -j4 doc", "preversion": "bash scripts/update-authors.sh && git add AUTHORS && git commit -m \"update AUTHORS\" || true", "tap": "tap --timeout 300", "tap-cover": "tap --nyc-arg='--cache' --coverage --timeout 600", "test": "standard && npm run test-tap", "test-coverage": "npm run tap-cover -- \"test/tap/*.js\" \"test/network/*.js\" \"test/broken-under-*/*.js\"", "test-tap": "npm run tap -- \"test/tap/*.js\" \"test/network/*.js\" \"test/broken-under-*/*.js\"", - "test-node": "tap --timeout 240 \"test/tap/*.js\" \"test/network/*.js\" \"test/broken-under-nyc*/*.js\"" + "test-node": "tap --timeout 240 \"test/tap/*.js\" \"test/network/*.js\" \"test/broken-under-nyc*/*.js\"", + "snyk-protect": "snyk protect" }, - "license": "Artistic-2.0" + "license": "Artistic-2.0", + "snyk": true }